公开(公告)号：US07461254B1

公开(公告)日：2008-12-02

申请号：US11237573

申请日：2005-09-28

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： H04L9/32 ,  G06F15/16

CPC分类号： H04L63/0428 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/123 ,  H04L2209/60 ,  H04M1/7255

摘要： The present invention provides a system and method for providing certified voice and/or multimedia mail messages in a broadband signed communication system which uses packetized digital information. Cryptography is used to authenticate a message that has been compiled from streaming voice or multimedia packets. A certificate of the originator's identity and electronic signature authenticates the message. A broadband communication system user may be provisioned for certified voice and/or multimedia mail by registering with a certified mail service provider and thereby receiving certification. The called system user's CPE electronically signs the bits in received communication packets and returns the message with an electronic signature of the called system user to the calling party, along with the system user's certificate obtained from the service provider/certifying authority during registration. The electronic signature is a cryptographic key of the called party.

摘要翻译： 本发明提供一种用于在使用打包数字信息的宽带有符号通信系统中提供经认证的语音和/或多媒体邮件消息的系统和方法。 密码学用于验证已从流式语音或多媒体数据包中编译的消息。 发件人的身份和电子签名的证书会验证该消息。 宽带通信系统用户可以通过向认证的邮件服务提供商注册并由此接收认证来为经认证的语音和/或多媒体邮件提供。 被叫系统用户的CPE以电子方式对所接收到的通信分组中的比特进行签名，并将具有被叫系统用户的电子签名的消息与注册期间从服务提供商/认证机构获得的系统用户证书一起返回给主叫方。 电子签名是被叫方的加密密钥。

公开(公告)号：US5809140A

公开(公告)日：1998-09-15

申请号：US729917

申请日：1996-10-15

申请人： Aviel D. Rubin ,  Victor J. Shoup

发明人： Aviel D. Rubin ,  Victor J. Shoup

IPC分类号： H04L9/08 ,  H04L9/00

CPC分类号： H04L9/0827 ,  H04L9/083 ,  H04L9/0838

摘要： Methods and apparatus are disclosed for providing secure session key distribution using a smart circuit card or other intelligent device. First and second hosts communicate with each other and with a server over a communication network. The first host initiates the session key distribution process by transmitting a session identifier to the server. The first host uses a first smart card storing the first host secret key to generate a first message in the form of a random bit stream which is transmitted to the second host. The server generates a second message as a function of the server secret key and the session identifier, and transmits it to the first host. The second host uses a second smart card storing the second host secret key to generate a third message as a function of the second host secret key and the first message, and transmits the third message to the first host. The first host then uses the first smart card to generate a potential session key pair as a function of the second and third messages and the first host secret key. If the first host accepts the session key pair, it transmits one of the session keys of the pair to the second host. The second host uses the second smart card to generate a validity indication as a function of the transmitted session key and a portion of the third message, and accepts or rejects the session key depending upon the result. The first and second cards may be implemented as stateless devices which include only limited memory, processing and input/output capabilities.

摘要翻译： 公开了使用智能电路卡或其他智能装置提供安全会话密钥分配的方法和装置。 第一和第二主机通过通信网络彼此通信并与服务器进行通信。 第一主机通过向服务器发送会话标识符来发起会话密钥分配过程。 第一主机使用存储第一主机秘密密钥的第一智能卡来生成以第二主机发送的随机比特流形式的第一消息。 服务器根据服务器密钥和会话标识符生成第二个消息，并将其发送到第一个主机。 第二主机使用存储第二主机秘密密钥的第二智能卡来生成作为第二主机秘密密钥和第一消息的函数的第三消息，并将第三消息发送到第一主机。 然后，第一主机使用第一智能卡来产生作为第二和第三消息和第一主机秘密密钥的函数的潜在会话密钥对。 如果第一主机接受会话密钥对，则将该对的会话密钥中的一个发送给第二主机。 第二主机使用第二智能卡来生成作为发送的会话密钥和第三消息的一部分的函数的有效性指示，并且根据结果接受或拒绝会话密钥。 第一和第二卡可以被实现为无状态设备，其仅包括有限的存储器，处理和输入/输出能力。

公开(公告)号：US08504835B2

公开(公告)日：2013-08-06

申请号：US13602138

申请日：2012-09-01

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： G06F21/22 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/3226 ,  H04L9/0863 ,  H04L9/3242 ,  H04L2209/56

摘要： The present invention is directed to an architecture and mechanism for securely backing up files and directories on a local machine onto untrusted servers over an insecure network.

公开(公告)号：US07536359B1

公开(公告)日：2009-05-19

申请号：US11006360

申请日：2004-12-06

申请人： William A. Aiello ,  Aviel D. Rubin ,  Martin J. Strauss

发明人： William A. Aiello ,  Aviel D. Rubin ,  Martin J. Strauss

IPC分类号： G06F17/60

CPC分类号： G07F7/0866 ,  G06Q20/3672 ,  G06Q20/3674

摘要： The present invention permits a user to conduct remote transactions without a network while using an untrusted computing device, such as a hand-held personal digital assistant or a laptop computer. The computing device is augmented with a smartcard reader, and the user obtains a smartcard and connects it to the device. This design can be used by an untrusted user to perform financial transactions, such as placing bets on the outcome of a probabilistic computation. Protocols are presented for adding (purchasing) or removing (selling) value on the smartcard, again without requiring a network connection. Using the instant protocols, neither the user nor the entity issuing the smartcards can benefit from cheating.

摘要翻译： 本发明允许用户在使用诸如手持式个人数字助理或膝上型计算机之类的不受信任的计算设备的情况下进行远程交易而无需网络。 计算设备用智能卡读卡器增强，用户获得智能卡并将其连接到设备。 这种设计可以由不受信任的用户使用来执行金融交易，例如将下注放在概率计算的结果上。 提出了在智能卡上添加（购买）或删除（销售）价值的协议，而不需要网络连接。 使用即时协议，用户和发行智能卡的实体都不能受益于作弊。

公开(公告)号：US07149803B2

公开(公告)日：2006-12-12

申请号：US09877977

申请日：2001-06-08

申请人： Frederick Douglis ,  Michael Rabinovich ,  Aviel D. Rubin ,  Oliver Spatscheck

发明人： Frederick Douglis ,  Michael Rabinovich ,  Aviel D. Rubin ,  Oliver Spatscheck

IPC分类号： G06F15/16 ,  G06F3/00 ,  H04L12/28 ,  H04L9/00

CPC分类号： H04L63/0442 ,  H04L63/166

摘要： The present invention is directed to a method of providing content distribution services while minimizing the processing time required for security protocols such as the Secure Sockets Layer.

公开(公告)号：US5638446A

公开(公告)日：1997-06-10

申请号：US520351

申请日：1995-08-28

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： H04L9/32 ,  H04L9/30

CPC分类号： H04L9/321 ,  H04L9/3215 ,  H04L9/3263 ,  H04L2209/60

摘要： A process for using a trusted third party to create an electronic certificate for an electronic file that can be used to establish the file and verify the identity of the creator of the file. The process is composed of two phases, a registration phase and an electronic file distribution phase. In the registration phase, a trusted third party receives information about an author, including the author's public key and affirmatively verifies the accuracy of this information. In the file distribution phase, an author sends to the trusted third party a signed message containing the hash of the file the author wants to distribute. The trusted third party creates an electronic certificate, signed by the trusted third party, containing the hash of the file sent by the author. A user desiring to receive the file, retrieves the file with the certificate an uses the certificate to verifies, first, that the certificate was created by the trusted third party, and, second, that the hash of the file in the certificate is the same as the hash that is computed from the retrieved file. If these two hash's match, then the user is assured that the file did originate with the author and is uncorrupted.

摘要翻译： 使用可信第三方为电子文件创建电子证书的过程，该电子证书可用于建立文件并验证文件的创建者的身份。 该过程由两个阶段组成：注册阶段和电子文件分发阶段。 在注册阶段，受信任的第三方收到作者的信息，包括作者的公钥，并肯定地验证了该信息的准确性。 在文件分发阶段，作者向可信第三方发送包含作者希望分发的文件的散列的签名消息。 受信任的第三方创建由可信第三方签名的电子证书，其中包含由作者发送的文件的散列。 希望接收文件的用户，使用证书检索文件，使用证书来验证证书是否由可信任的第三方创建，其次证书中的文件的散列是相同的 作为从检索的文件计算的散列。 如果这两个哈希的匹配，那么用户确信文件确实源自作者，并且未被破坏。

公开(公告)号：US20120331294A1

公开(公告)日：2012-12-27

申请号：US13602138

申请日：2012-09-01

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： H04L9/32

CPC分类号： H04L9/3226 ,  H04L9/0863 ,  H04L9/3242 ,  H04L2209/56

摘要： The present invention is directed to an architecture and mechanism for securely backing up files and directories on a local machine onto untrusted servers over an insecure network.

公开(公告)号：US08261075B2

公开(公告)日：2012-09-04

申请号：US13236099

申请日：2011-09-19

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： G06F21/22 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/3226 ,  H04L9/0863 ,  H04L9/3242 ,  H04L2209/56

摘要： The present invention is directed to an architecture and mechanism for securely backing up files and directories on a local machine onto untrusted servers over an insecure network.

摘要翻译： 本发明涉及一种用于通过不安全网络将本地机器上的文件和目录安全地备份到不可信服务器上的架构和机制。

公开(公告)号：US07797538B2

公开(公告)日：2010-09-14

申请号：US12315352

申请日：2008-12-02

申请人： Aviel D. Rubin

发明人： Aviel D. Rubin

IPC分类号： H04L9/32 ,  H04M1/65

CPC分类号： H04L63/0428 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/123 ,  H04L2209/60 ,  H04M1/7255

摘要： The present invention provides a system and method for providing certified voice and/or multimedia mail messages in a broadband signed communication system which uses packetized digital information. Cryptography is used to authenticate a message that has been compiled from streaming voice or multimedia packets. A certificate of the originator's identity and electronic signature authenticates the message. A broadband communication system user may be provisioned for certified voice and/or multimedia mail by registering with a certified mail service provider and thereby receiving certification. The called system user's CPE electronically signs the bits in received communication packets and returns the message with an electronic signature of the called system user to the calling party, along with the system user's certificate obtained from the service provider/certifying authority during registration. The electronic signature is a cryptographic key of the called party.

摘要翻译： 本发明提供一种用于在使用分组化数字信息的宽带有符号通信系统中提供经认证的语音和/或多媒体邮件消息的系统和方法。 密码学用于验证已从流式语音或多媒体数据包中编译的消息。 发件人的身份和电子签名的证书会验证该消息。 宽带通信系统用户可以通过向认证的邮件服务提供商注册并由此接收认证来为经认证的语音和/或多媒体邮件提供。 被叫系统用户的CPE以电子方式对所接收到的通信分组中的比特进行签名，并将具有被叫系统用户的电子签名的消息与注册期间从服务提供商/认证机构获得的系统用户证书一起返回给主叫方。 电子签名是被叫方的加密密钥。

公开(公告)号：US07606706B1

公开(公告)日：2009-10-20

申请号：US09553361

申请日：2000-04-20

申请人： Aviel D. Rubin ,  Martin J. Strauss

发明人： Aviel D. Rubin ,  Martin J. Strauss

IPC分类号： G10L15/26 ,  H04M1/64

CPC分类号： H04L65/604 ,  H04L51/04 ,  H04L51/22 ,  H04L63/0428 ,  H04L65/607

摘要： A mechanism is provided to build and maintain a searchable database of communication content and related indicia information of all voice and multimedia (audio and video) communications in which a person participates using a broadband communication system. A personal communication module may be coupled to a user's communication device and a broadband communication network for capturing data and performing voice recognition associated with a communication. Data may be stored in a database and searched including, for example, keywords from the communications, date, time, number, etc.

摘要翻译： 提供一种机制来构建和维护通过使用宽带通信系统参与的所有语音和多媒体（音频和视频）通信的通信内容和相关标记信息的可搜索数据库。 个人通信模块可以耦合到用户的通信设备和用于捕获数据并执行与通信相关联的语音识别的宽带通信网络。 数据可以存储在数据库中并且被搜索，包括例如来自通信，日期，时间，数量等的关键字。